CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1312 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1312
28 Apr 2022 — Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Un uso de memoria previamente liberada en storage en Google Chrome versiones anteriores a 100.0.4896.88, permitía a un atacante que convencía a un usuario para que instalara una extensión maliciosa llevar a cabo un filtrado de sandbox por medio de una extensión de Chrome diseñada Multiple vulnerabil... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1125 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1125
28 Apr 2022 — Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. Un Uso de memoria previamente liberada en Portals en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto que convencía a un usuario de participar en una interacción específica con el usuario explotar potencialmente la corrupción de la pila por medio de la interacción c... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1500 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1500
28 Apr 2022 — Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una comprobación insuficiente de datos en Dev Tools en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política de seguridad de contenidos por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code ex... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1308 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1308
28 Apr 2022 — Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en BFCache en Google Chrome versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1479 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1479
28 Apr 2022 — Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versi... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1305 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1305
28 Apr 2022 — Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en storage en Google Chrome versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1129 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1129
28 Apr 2022 — Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada en el modo de pantalla completa en Google Chrome en Android versiones anteriores a 100.0.4896.60 permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its deri... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1130 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1130
28 Apr 2022 — Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. Una comprobación insuficiente de la entrada confiable en WebOTP en Google Chrome en Android versiones anteriores a 100.0.4896.60, permitía a un atacante remoto enviar intenciones arbitrarias desde cualquier aplicación por medio de una aplicación maliciosa Multiple vulnerabilities have been found in Chromium and its derivativ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1478 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1478
28 Apr 2022 — Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en SwiftShader en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code exec... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1501 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1501
28 Apr 2022 — Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada de iframe en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-668: Exposure of Resource to Wrong Sphere •